In some cases, the CAs may require manual verification if your order fails any internal rules of Brand Validation. It takes around 24-48 hours to pass this manual check, and the CA will either issue or reject an order in such cases.
Here are the most common reasons why certificate authorities decide to do the brand validation for some orders:
1) Orders from some countries are reviewed manually more often than others, for example: South Korea, North Korea, Japan;
2) Restricted countries – Afghanistan (AF), Crimea (Russia), Cote d’Ivoire (CI), Cuba (CU), Eritrea (ER), Guinea (GN), Iraq (IQ), Iran (IR), Democratic People’s Republic of Korea (KP), Liberia (LR), Myanmar (MM), Rwanda (RW), Sudan (SD), Sierra Leone (SL), South Sudan (SS), Syrian Arab Republic (SY), Zimbabwe (ZW) – SSL are NOT issued for these countries;
3) The domain name includes a brand name, such as: facebook-app.com, sony-shop.net, dellshop.com, etc;
4) The domain name may have a hidden brand name. For example, your domain is “sibmama.com”, but the automated validation system may read it as “sIBMama” and flag the “IBM” brand. The certificate authority wants to check such orders manually;
5) The domain name has “stop words”, such as: pay, online, secure, booking, shop, bank, transfer, money, e-payment, payment, protection, violence, terrorists, and others. These words and many others are set as triggering words inside the validation system, and make the certificate authority review such orders manually;
6) Domain name is blacklisted OR has a bad reputation.
What you can do to speed up the process?
Please contact Comodo/Sectigo and Thawte, RapidSSL, GeoTrust, Symantec directly via live chat and discuss the situation with the CA’s representative.
Please mention your “Partner Order ID” in your message. You can find your “Partner Order ID” on the details page of your SSL Certificate inside your SSL Dragon account. See screenshot on the right.